[95789] in North American Network Operators' Group
Re: summarising [was: Re: ICANNs role]
daemon@ATHENA.MIT.EDU (Sam Stickland)
Tue Apr 3 18:30:59 2007
Date: Tue, 03 Apr 2007 23:29:27 +0100
From: Sam Stickland <sam_mailinglists@spacething.org>
To: Gadi Evron <ge@linuxbox.org>, nanog@merit.edu
In-Reply-To: <20070403191929.GA24709@core.center.osis.gov>
Errors-To: owner-nanog@merit.edu
Joseph S D Yao wrote:
> On Mon, Apr 02, 2007 at 10:56:00PM -0500, Gadi Evron wrote:
> ...
>
>> I just posted this, and I believe it makes sense:
>>
>> Title: Put Security Alongside .XXX
>>
>> Isn't security as important to discuss as .XSS?
>>
>> The DNS has become an abuse infrastructure, it is no longer just a
>> functional infrastructure. It is not being used by malware, phishing and
>> other Bad Things [TM], it facilitates them.
>>
>
>
> Again - DNS is the infrastructure for EVERYTHING. It facilitates
> EVERYTHING. If you threw it out and put something else in that was not
> as clunky as editing hosts.txt files 'scp'ed from DARPA daily, then THAT
> would be what was facilitating everything.
>
Maybe it would make sense for someone to reiterate what types of abuse
DNS is facilitating? I believe what Gadi was getting at was mainly the
ability to use fake details to register a domain, and then very rapidly
cycling the A records through a wide range of hosts, attempting to avoid
detection. As opposed to there actually being fundamental flaws open to
abuse in a system that maps names to IP addresses.
Sam